From 5c05b2ba364a49be26b00f661a569110c830d32d Mon Sep 17 00:00:00 2001
From: Dylan Hillerbrand <dhillerbrand@gmail.com>
Date: Thu, 7 Sep 2023 15:24:14 -0400
Subject: [PATCH] Add CSRF_TRUSTED_ORIGINS to settings.py

---
 app/public/cantusdata/settings.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/public/cantusdata/settings.py b/app/public/cantusdata/settings.py
index 54c0a30e..ce934f99 100644
--- a/app/public/cantusdata/settings.py
+++ b/app/public/cantusdata/settings.py
@@ -167,6 +167,7 @@
 
 SESSION_COOKIE_SECURE = is_production
 CSRF_COOKIE_SECURE = is_production
+CSRF_TRUSTED_ORIGINS = ["https://cantus.simssa.ca", "https://cantus.staging.simssa.ca"]
 
 SECURE_HSTS_SECONDS = 86400
 SECURE_HSTS_INCLUDE_SUBDOMAINS = is_production